package com.sec.config;

//@Configuration
//@EnableWebSecurity
public class WebSecurityConfig_bf {
//        extends WebSecurityConfigurerAdapter {

//    @Autowired
//    private MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;
//    @Autowired
//    private MyAuthenticationFailureHandler myAuthenticationFailureHandler;
//
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth.inMemoryAuthentication()
//                .withUser("zhangsan").password(passwordEncoder().encode("123456")).roles("user")
//                .and()
//                .withUser("admin").password(passwordEncoder().encode("123456")).roles("admin")
//                .and()
//                .passwordEncoder(passwordEncoder());
//    }
//
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        //  允许所有用户访问"/"和"/index.html"
//        http.formLogin()
//                //                .loginPage("/login.html")
//                .loginProcessingUrl("/login")
//                .usernameParameter("username")
//                .passwordParameter("password")
//                .successHandler(myAuthenticationSuccessHandler)
//                .failureHandler(myAuthenticationFailureHandler)
//                .and()
//                .authorizeRequests()
//                .antMatchers("/login.html", "/login").permitAll()
//                .antMatchers("/hello/sayHello").hasAnyAuthority("ROLE_user", "ROLE_admin")
//                .antMatchers("/hello/sayHi").hasAnyRole("admin")
//                .anyRequest().authenticated()
//                .and()
//                .sessionManagement().sessionFixation().migrateSession()
//                .maximumSessions(1).maxSessionsPreventsLogin(false).expiredSessionStrategy(new MyExpiredSessionStrategy());
//    }
//
//    @Bean
//    public PasswordEncoder passwordEncoder() {
//        return new BCryptPasswordEncoder();
//    }


}